<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity4"
>
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<!--菜单根据用户的角色动态的实现-->
<!--hasRole有vip1这个权限才显示-->
<div sec:authorize="hasRole('vip1')">
<a href="/level1/1">1</a>
<a href="/level1/2">2</a>
<a href="/level1/3">3</a>
</div>
<!--hasRole有vip2这个权限才显示-->
<div sec:authorize="hasRole('vip2')">
<a href="/level2/1">4</a>
<a href="/level2/2">5</a>
<a href="/level2/3">6</a>
</div>
<!--hasRole有vip3这个权限才显示-->
<div sec:authorize="hasRole('vip3')">
<a href="/level3/1">7</a>
<a href="/level3/2">8</a>
<a href="/level3/3">9</a>
</div>


<div sec:authorize="hasRole('userManagement')">
    <a href="/user">user</a>
</div>

<div sec:authorize="hasRole('CommodityManagement')">
    <a href="/product">product</a>
</div>

<div sec:authorize="hasRole('orderManager')">
    <a href="/order">order</a>
</div>
<!--如果未登录-->
<!--isAuthenticated()判断当前用户是否登录-->
<div sec:authorize="!isAuthenticated()">
<a href="/toLogin">登录</a>
</div>
<!--如果已登录： 用户名；注销-->
<div sec:authorize="isAuthenticated()">
    <a>
        用户名： <span sec:authentication="name"></span>
        角色： <span sec:authentication="principal.authorities"></span>
    </a>
<a href="/logout">注销</a>
</div>
</body>
</html>